This is a writeup describing an unauthenticated file upload vulnerability in Add An Ad Cart and Add An Event scripts. The exploit involves uploading a shell via a direct path to achieve remote code execution.
Classification
Writeup 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target:Add An Ad Cart, Add An Event
No auth needed
Prerequisites:Access to the target URL path /adminscripts/uploadfile.php